Methods and systems for initiating a financial transaction by a cardholder device

ABSTRACT

A method and system for processing a financial transaction initiated by a cardholder with a merchant. The cardholder initiates the transaction using a cardholder input device and transmits an authorization request message including transaction data received by the cardholder input device from a point of sale (POS) device associated with the merchant. The authorization request message is received by a computer system. The transaction data is validated, and an authorization response message is transmitted after validation. The cardholder input device may forward the authorization response message to the POS device for completing the transaction.

BACKGROUND OF THE INVENTION

This invention relates generally to processing transactions associatedwith financial transaction card accounts and, more particularly, tonetwork-based methods and systems for processing payment cardtransactions initiated by a cardholder using a cardholder controlledinput device.

Historically, the use of “charge” cards for consumer transactionpayments was at most regional and based on relationships between localcredit issuing banks and various local merchants. The payment cardindustry has since evolved with the issuing banks forming associations(e.g., MasterCard®) and involving third party transaction processingcompanies (e.g., “Merchant Acquirers”) to enable cardholders to widelyuse charge cards at any merchant's establishment, regardless of themerchant's banking relationship with the card issuer.

For example, FIGS. 1 and 2 of the present application show exemplarypayment-by-card systems. FIG. 1 shows an exemplary private label paymentcard system, and FIG. 2 shows an exemplary multi-party payment cardindustry system for enabling payment-by-card transactions in which themerchants and issuer do not need to have a one-to-one specialrelationship. Various scenarios exist in the payment-by-card industrytoday, where the card issuer has a special or customized relationshipwith a specific merchant, or group of merchants. These special orcustomized relationships may, for example, include private labelprograms, co-brand programs, proprietary card brands, rewards programs,and others. The special or customized issuer-merchant relationshipsoften require direct communications between the parties for transactionauthorization and/or clearing (e.g., for financial transactions).Further, the issuer may be required to maintain back office processes tomanage the financial aspects of these special or customizedrelationships. Alternatively, the issuers may exploit communicationsthrough merchant acquirers to facilitate indirect communications withthe merchants.

There are also scenarios in the payment-by-card industry where the cardissuer does not have a special or customized relationship with aspecific merchant, or group of merchants. These types of transactionsare typically processed using a multi-party payment card system similarto the one shown in FIG. 2.

Traditional card account payment environments involve amerchant-controlled point of interaction (POI). Traditional points ofinteraction include point of sale devices, access through a merchantwebsite, and interaction through a merchant telephone to initiate theauthorization request. Collectively, these traditional points ofinteraction might be referred to as a merchant environment. For allinteractions within this environment, an account number associated witha cardholder's financial transaction card is entered into the specificmerchant's environment in order to conduct the transaction and/or obtainan authorization.

The specific cardholder interactions could include the cardholder givinghis financial transaction card to a merchant to swipe or key into themerchant point of sale device, the merchant initiating a telephone calland entering the account number through interactive voice or through thetelephone keypad, the cardholder himself swiping his card into themerchant's point of sale device, or the merchant or cardholder enteringthe account number into the merchant's website. Payments for approvedtransactions are managed with the issuer or merchant's acquirer based onthe specific card payment network or closed loop environment.

One problem with the merchant environment is that the card and theaccount number are exposed to potential fraud. Though various securityfeatures for the card and account number are used, a more secureenvironment is needed. Consideration is now being given to ways toenable account holders to utilize their accounts remotely from the abovelisted devices, such that the account holder can initiate or “push”transactions which are then processed over the bankcard network withouta merchant-controlled POI.

Another problem with the merchant environment is the cost associatedwith the merchant having to communicate with the issuer, the merchantacquirer and/or the payment card network. These costs include costs forboth equipment and data transmission. In some cases, merchants are notable to afford these costs, and therefore, these merchants are unable totake advantage of the payment-by-card systems. In other cases, themerchants may be able to afford the upfront equipment costs and/or datatransmission costs for each transaction being processed, but arerequired to pass these costs on to their customers. In some cases, thesecosts may be passed on to customers that do not even utilize thepayment-by-card system. Further, in some cases, a merchant may wish toaccept payment cards but lack the capacity, for a variety of reasons, toconnect to the payment card network.

Accordingly, it would be beneficial to have a payment-by-card systemthat allows the cardholders to initiate a transaction using a cardholdercontrolled input device for a variety of reasons including improvedsecurity and reduced merchant costs. Such a system would allow amerchant to reduce its upfront equipment costs and its data transmissioncosts since the cardholder input device would be utilized for performingat least part of the transaction.

BRIEF DESCRIPTION OF THE INVENTION

In one embodiment, a computer-based method for processing a financialtransaction initiated by a cardholder with a merchant is provided. Thecardholder initiates the transaction using a cardholder input device,and the cardholder input device stores account data that is associatedwith a payment account. An issuer associates the payment account withthe cardholder. The method includes receiving, at the issuer, anauthorization request message relating to the transaction. Theauthorization request message is transmitted by the cardholder inputdevice and includes transaction data received by the cardholder inputdevice from a point of sale (POS) device associated with the merchant.The transaction data is validated, and an approved authorizationresponse message is transmitted after validation. The cardholder inputdevice forwards the approved authorization response message to the POSdevice for completing the transaction.

In another embodiment, a device for processing a financial transactionis provided. The device includes a memory device configured to storeaccount data associated with a cardholder, a communication interfaceconfigured to receive transaction data from a point of sale (POS) deviceassociated with a merchant, and a processor that is coupled to thememory device and the communication interface. The processor isprogrammed to transmit an authorization request message relating to thetransaction to a computer system via the communication interface. Theauthorization request message includes the transaction data and theaccount data.

In another embodiment, a computer-based method for processing afinancial transaction initiated by a cardholder via a cardholder inputdevice is provided. The method includes receiving from the cardholderinput device an authorization request message relating to thetransaction. The authorization request message includes transaction datareceived by the cardholder input device from a point of sale (POS)device associated with a merchant. The transaction data is validated,and when the transaction data is successfully validated, an approvedauthorization response message is transmitted to the cardholder inputdevice. The cardholder input device forwards the approved authorizationresponse message to the POS device.

In another embodiment, a system for processing a financial transactioninitiated by a cardholder with a merchant is provided. The systemincludes a point of sale (POS) device associated with the merchant and acomputer device. The POS device is configured to transmit transactiondata to a cardholder input device associated with the cardholder. Thetransaction data relates to the financial transaction. The computerdevice is configured to receive an authorization request messageincluding the transaction data directly from the cardholder inputdevice. The computer device is also configured to validate thetransaction data and to transmit directly to the cardholder input devicean authorization response message indicating whether the transactiondata was successfully validated.

In another embodiment, one or more computer-readable media havingcomputer-executable instructions embodied thereon are provided. Whenexecuted by a computer device, the computer-executable instructionscause the computer device to initiate a financial transaction with apoint of sale (POS) device associated with a merchant; to receivetransaction data relating to the financial transaction from the POSdevice; to transmit to a remote computer an authorization requestmessage that includes the received transaction data and account datastored at the computer device; to receive an approved authorizationresponse message from the remote computer; and to forward the approvedauthorization response message to the POS device.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1-12 show exemplary embodiments of the methods and systemsdescribed herein.

FIG. 1 is a schematic diagram of an exemplary private label card accountpayment environment that includes a point of interaction controlled by aprivate label merchant, a card issuer or issuing bank, and a transactionprocessor interconnecting the point of interaction and card issuer.

FIG. 2 is a schematic diagram illustrating an exemplary multi-partypayment card industry system for enabling ordinary payment-by-cardtransactions in which merchants and card issuers do not necessarily havea one-to-one relationship.

FIG. 3 is a simplified block diagram of an exemplary payment card systemin accordance with one embodiment of the present invention.

FIG. 4 is an expanded block diagram of an exemplary embodiment of aserver architecture of a payment card system in accordance with oneembodiment of the present invention.

FIG. 5 is a block diagram of an exemplary embodiment of a user computerdevice as shown in FIGS. 3 and 4.

FIG. 6 is a block diagram of an exemplary embodiment of a servercomputer device as shown in FIGS. 3 and 4.

FIG. 7 is a block diagram of a portion of an exemplary payment cardsystem showing an authentication data flow between a merchant POSdevice, a cardholder input device, and a payment network.

FIG. 8 is a block diagram of a portion of an exemplary payment cardsystem showing a first alternative authentication data flow between amerchant POS device, a cardholder input device, and a payment network.

FIG. 9 is a block diagram of an exemplary payment card system showing asecond alternative authentication data flow between a merchant POSdevice, a cardholder input device, a payment network, an issuing bank,and an acquiring bank.

FIG. 10 is a more detailed block diagram of an exemplary payment cardsystem showing a payment data flow between a merchant POS device, acardholder input device, an issuing bank computer system, a paymentnetwork and a merchant bank account.

FIG. 11 is a more detailed block diagram of the exemplary payment cardsystem shown in FIG. 8 showing a first alternative payment data flowbetween a merchant POS device, a cardholder input device, an issuingbank computer system, a payment network, an acquiring bank computersystem, and a merchant bank account.

FIG. 12 is a more detailed block diagram of the exemplary payment cardsystem shown in FIG. 9 showing a second alternative payment data flowbetween a merchant POS device, a cardholder input device, an issuingbank computer system, a payment network, an acquiring bank computersystem, and a merchant bank account.

DETAILED DESCRIPTION OF THE INVENTION

Embodiments of the methods and systems described herein facilitatecommunication of transaction data from a point of sale (POS) deviceassociated with a merchant to a remote computer system associated with apayment network, an acquiring bank, and/or an issuing bank via acardholder device. In some embodiments, the cardholder device initiatesa transaction with the POS device, receives data from the POS device,and transmits an authorization request message including data from boththe POS device and the cardholder device to the remote computer system.The remote computer system validates the data and, upon a successfulvalidation, transmits an approved authorization response message to thecardholder device. The cardholder device may forward the approvedauthorization response message to the POS device to complete thetransaction.

By using the wireless communication link of the cardholder device, themerchant is able to reduce its hardware and transmission costs that aretypically associated with a payment by card transaction. In addition,the transmission by the cardholder device may reduce certain securityconcerns with providing an account number to a merchant.

The following detailed description illustrates embodiments of theinvention by way of example and not by way of limitation. It iscontemplated that the invention has general application to processingfinancial transaction data by a third party in industrial, commercial,and residential applications.

As used herein, an element or step recited in the singular and proceededwith the word “a” or “an” should be understood as not excluding pluralelements or steps, unless such exclusion is explicitly recited.Furthermore, references to “one embodiment” of the present invention arenot intended to be interpreted as excluding the existence of additionalembodiments that also incorporate the recited features.

The methods and systems described herein may be implemented usingcomputer programming or engineering techniques including computersoftware, firmware, hardware or any combination or subset thereof,wherein the technical effects may include at least one of: a)transaction data is received from a point of sale (POS) device by acardholder device; b) an authorization request message including thetransaction data is transmitted by the cardholder device to a computersystem associated with a payment network, an issuing bank, and/or anacquiring bank; c) the transaction data is validated; d) upon successfulvalidation, an approved authorization response message is transmitted bythe computer system to the cardholder device; and e) the cardholderdevice forwards the approved authorization response message to the POSdevice.

FIG. 1 is a schematic diagram of an exemplary private label card accountpayment environment 1 that includes a point of interaction 2 controlledby a private label merchant, a card issuer or issuing bank 3, and atransaction processor 4 interconnecting point of interaction 2 and cardissuer 3. The merchant's point of interaction 2 generally includes oneor more of a point of sale device 10, a telephone 11, and/or a merchantwebsite 12, through which authorization requests are initiated.

More specifically, a merchant authorization request 15 is generated atthe merchant's point of interaction 2 which is sent to the transactionprocessor 4 and forwarded to the card issuer 3 as a request forauthorization 16. Upon verifying a status of the cardholder account, thecard issuer 3 responds to the transaction processor 4 with anauthorization response 18 which is received by the transaction processor4 and forwarded to the merchant's point of interaction 2 as anauthorization response to merchant 19.

In regard to the card account payment environment 1, a cardholder'saccount number is entered into the merchant's environment with which thecardholder is doing business, in order to obtain the authorization. Asdescribed above, this conventionally includes one or more of thefollowing: a cardholder giving his card to a merchant to swipe or keyinto the merchant point of sale device 10, the cardholder or merchantinitiating a phone call from telephone 11 to enter a card accountnumber, the cardholder himself swiping his card in the merchant's pointof sale device 10, or the merchant or cardholder entering the accountnumber associated with the financial transaction card into themerchant's website 12. Payments for approved transactions are managedwith the card issuer 3 or merchant's acquirer (not shown in FIG. 1)based on the specific card payment network or other closed-loopenvironment. In the exemplary embodiment, private label card accountpayment environment 1 generally includes point of interaction 2, cardissuer 3, and transaction processor 4 in a closed communication networksuch that authorization requests 15 and 16 remain within private labelcard account payment environment 1 and authorization responses 18 and 19also remain within private label card account payment environment 1.

FIG. 2 is a schematic diagram 20 illustrating an exemplary multi-partypayment card industry system for enabling ordinary payment-by-cardtransactions in which merchants and card issuers do not necessarily havea one-to-one relationship. The present invention relates to a paymentcard system, such as a credit card payment system using the MasterCard®interchange. The MasterCard® interchange is a proprietary communicationsstandard promulgated by MasterCard International Incorporated® for theexchange of financial transaction data between financial institutionsthat are members of MasterCard International Incorporated®. (MasterCardis a registered trademark of MasterCard International Incorporatedlocated in Purchase, N.Y.).

In a typical payment card system, a financial institution called the“issuer” issues a payment card, such as a credit card, to a consumer,who uses the payment card to tender payment for a purchase from amerchant. To accept payment with the payment card, the merchant mustnormally establish an account with a financial institution that is partof the financial payment system. This financial institution is usuallycalled the “merchant bank” or the “acquiring bank” or “acquirer bank.”When a consumer 22 tenders payment for a purchase with a payment card(also known as a financial transaction card), the merchant 24 requestsauthorization from the merchant bank 26 for the amount of the purchase.The request may be performed over the telephone, but is usuallyperformed through the use of a point-of-sale terminal, which reads theconsumer's account information from the magnetic stripe on the paymentcard and communicates electronically with the transaction processingcomputers of the merchant bank. Alternatively, a merchant bank mayauthorize a third party to perform transaction processing on its behalf.In this case, the point-of-sale terminal will be configured tocommunicate with the third party. Such a third party is usually called a“merchant processor” or an “acquiring processor.”

Using the interchange 28, the computers of the merchant bank or themerchant processor will communicate with the computers of the issuerbank 30 to determine whether the consumer's account is in good standingand whether the purchase is covered by the consumer's available creditline. Based on these determinations, the request for authorization willbe declined or accepted. If the request is accepted, an authorizationcode is issued to the merchant.

When a request for authorization is accepted, the available credit lineof consumer's account 32 is decreased. Normally, a charge is not postedimmediately to a consumer's account because bankcard associations, suchas MasterCard International Incorporated®, have promulgated rules thatdo not allow a merchant to charge, or “capture,” a transaction untilgoods are shipped or services are delivered. When a merchant ships ordelivers the goods or services, the merchant captures the transactionby, for example, appropriate data entry procedures on the point-of-saleterminal. If a consumer cancels a transaction before it is captured, a“void” is generated. If a consumer returns goods after the transactionhas been captured, a “credit” is generated.

For debit card transactions, when a request for a PIN authorization isapproved by the issuer, the consumer's account 32 is decreased.Normally, a charge is posted immediately to a consumer's account. Thebankcard association then transmits the approval to the acquiringprocessor for distribution of goods/services, or information or cash inthe case of an ATM.

After a transaction is captured, the transaction is settled between themerchant, the merchant bank, and the issuer. Settlement refers to thetransfer of financial data or funds between the merchant's account, themerchant bank, and the issuer related to the transaction. Usually,transactions are captured and accumulated into a “batch,” which issettled as a group.

Financial transaction cards or payment cards can refer to credit cards,debit cards, and prepaid cards. These cards can all be used as a methodof payment for performing a transaction. As described herein, the term“financial transaction card” or “payment card” includes cards such ascredit cards, debit cards, and prepaid cards, but also includes anyother devices that may hold payment account information, such as mobilephones, personal digital assistants (PDAs), and key fobs.

FIG. 3 is a simplified block diagram of an exemplary payment card system100 in accordance with one embodiment of the present invention. System100 is a payment card system, which can be utilized by account holdersas part of a process of initiating an authorization request andperforming a transaction as described below.

More specifically, in the example embodiment, system 100 includes aserver system 112, which is a type of computer system, and a pluralityof client sub-systems (also referred to as client systems 114) connectedto server system 112. In one embodiment, client systems 114 arecomputers including a web browser, such that server system 112 isaccessible to client systems 114 using the Internet. Client systems 114are interconnected to the Internet through many interfaces including anetwork, such as a local area network (LAN) or a wide area network(WAN), dial-in-connections, cable modems, and special high-speed ISDNlines. Client systems 114 could be any device capable of interconnectingto the Internet including a web-based phone, personal digital assistant(PDA), or other web-based connectable equipment.

System 100 also includes point-of-sale (POS) terminals 115, which areconnected to client systems 114 and may be connected to server system112. POS terminals 115 are interconnected to the Internet through manyinterfaces including a network, such as a local area network (LAN) or awide area network (WAN), dial-in-connections, cable modems, wirelessmodems, and special high-speed ISDN lines. POS terminals 115 could beany device capable of interconnecting to the Internet and including aninput device capable of reading information from a consumer's financialtransaction card.

A database server 116 is connected to database 120, which containsinformation on a variety of matters, as described below in greaterdetail. In one embodiment, centralized database 120 is stored on serversystem 112 and can be accessed by potential users at one of clientsystems 114 by logging onto server system 112 through one of clientsystems 114. In an alternative embodiment, database 120 is storedremotely from server system 112 and may be non-centralized. Database 120may store transaction data generated as part of sales activitiesconducted over the bankcard network including data relating tomerchants, account holders or customers, and purchases. Database 120 mayalso store account data including at least one of a cardholder name, acardholder address, an account number, and other account identifier.Database 120 may also store merchant data including a merchantidentifier that identifies each merchant registered to use the paymentcard network, and instructions for settling transactions includingmerchant bank account information.

System 100 also includes at least one input device 118, which isconfigured to communicate with at least one of POS terminal 115, clientsystems 114 and server system 112. In the exemplary embodiment, inputdevice 118 is associated with or controlled by a cardholder making apurchase using a payment card and payment card system 100. Input device118 is interconnected to the Internet through many interfaces includinga network, such as a local area network (LAN) or a wide area network(WAN), dial-in-connections, cable modems, wireless modems, and specialhigh-speed ISDN lines. Input device 118 could be any device capable ofinterconnecting to the Internet including a web-based phone, personaldigital assistant (PDA), or other web-based connectable equipment. Inputdevice 118 is configured to communicate with POS terminal 115 usingvarious outputs including, for example, Bluetooth communication, radiofrequency communication, near field communication, network-basedcommunication, and the like.

In the example embodiment, one of client systems 114 may be associatedwith an acquirer while another one of client systems 114 may beassociated with an issuer, POS terminal 115 may be associated with amerchant, input device may be associated with a cardholder, and serversystem 112 may be associated with the interchange network.

FIG. 4 is an expanded block diagram of an exemplary embodiment of aserver architecture of a payment card system 122 in accordance with oneembodiment of the present invention. Components in system 122, identicalto components of system 100 (shown in FIG. 3), are identified in FIG. 4using the same reference numerals as used in FIG. 3. System 122 includesserver system 112, client systems 114, POS terminals 115, and inputdevices 118. Server system 112 further includes database server 116, atransaction server 124, a web server 126, a fax server 128, a directoryserver 130, and a mail server 132. A storage device 134 is coupled todatabase server 116 and directory server 130. Servers 116, 124, 126,128, 130, and 132 are coupled in a local area network (LAN) 136. Inaddition, a system administrator's workstation 138, a user workstation140, and a supervisor's workstation 142 are coupled to LAN 136.Alternatively, workstations 138, 140, and 142 are coupled to LAN 136using an Internet link or are connected through an Intranet.

Each workstation, 138, 140, and 142 is a personal computer having a webbrowser. Although the functions performed at the workstations typicallyare illustrated as being performed at respective workstations 138, 140,and 142, such functions can be performed at one of many personalcomputers coupled to LAN 136. Workstations 138, 140, and 142 areillustrated as being associated with separate functions only tofacilitate an understanding of the different types of functions that canbe performed by individuals having access to LAN 136.

Server system 112 is configured to be communicatively coupled to variousindividuals, including employees 144 and to third parties, e.g., accountholders, customers, auditors, etc., 146 using an ISP Internet connection148. The communication in the exemplary embodiment is illustrated asbeing performed using the Internet, however, any other wide area network(WAN) type communication can be utilized in other embodiments, i.e., thesystems and processes are not limited to being practiced using theInternet. In addition, and rather than WAN 150, local area network 136could be used in place of WAN 150.

In the exemplary embodiment, any authorized individual having aworkstation 154 can access system 122. At least one of the clientsystems includes a manager workstation 156 located at a remote location.Workstations 154 and 156 are personal computers having a web browser.Also, workstations 154 and 156 are configured to communicate with serversystem 112. Furthermore, fax server 128 communicates with remotelylocated client systems, including a client system 156 using a telephonelink. Fax server 128 is configured to communicate with other clientsystems 138, 140, and 142 as well.

FIG. 5 illustrates an exemplary configuration of a user computer device202 operated by a user 201. User computer device 202 may include, but isnot limited to, client systems 114, 138, 140, and 142, POS terminal 115,input device 118, workstation 154, and manager workstation 156 (shown inFIG. 4).

User computer device 202 includes a processor 205 for executinginstructions. In some embodiments, executable instructions are stored ina memory area 210. Processor 205 may include one or more processingunits (e.g., in a multi-core configuration). Memory area 210 is anydevice allowing information such as executable instructions and/or otherdata to be stored and retrieved. Memory area 210 may include one or morecomputer readable media.

User computer device 202 also includes at least one media outputcomponent 215 for presenting information to user 201. Media outputcomponent 215 is any component capable of conveying information to user201. In some embodiments, media output component 215 includes an outputadapter such as a video adapter and/or an audio adapter. An outputadapter is operatively coupled to processor 205 and operativelycouplable to an output device such as a display device (e.g., a liquidcrystal display (LCD), organic light emitting diode (OLED) display,cathode ray tube (CRT), or “electronic ink” display) or an audio outputdevice (e.g., a speaker or headphones).

In some embodiments, user computer device 202 includes an input device220 for receiving input from user 201. Input device 220 may include, forexample, a keyboard, a pointing device, a mouse, a stylus, a touchsensitive panel (e.g., a touch pad or a touch screen), a gyroscope, anaccelerometer, a position detector, or an audio input device. A singlecomponent such as a touch screen may function as both an output deviceof media output component 215 and input device 220.

User computer device 202 may also include a communication interface 225,which is communicatively couplable to a remote device such as serversystem 112. Communication interface 225 may include, for example, awired or wireless network adapter or a wireless data transceiver for usewith a mobile phone network (e.g., Global System for Mobilecommunications (GSM), 3G, 4G or Bluetooth) or other mobile data network(e.g., Worldwide Interoperability for Microwave Access (WIMAX)).

Stored in memory area 210 are, for example, computer readableinstructions for providing a user interface to user 201 via media outputcomponent 215 and, optionally, receiving and processing input from inputdevice 220. A user interface may include, among other possibilities, aweb browser and client application. Web browsers enable users, such asuser 201, to display and interact with media and other informationtypically embedded on a web page or a website from server system 112. Aclient application allows user 201 to interact with a server applicationfrom server system 112.

FIG. 6 illustrates an exemplary configuration of a server computerdevice 301 such as server system 112 (shown in FIGS. 3 and 4). Servercomputer device 301 may include, but is not limited to, database server116, transaction server 124, web server 126, fax server 128, directoryserver 130, and mail server 132.

Server computer device 301 includes a processor 305 for executinginstructions. Instructions may be stored in a memory area 310, forexample. Processor 305 may include one or more processing units (e.g.,in a multi-core configuration).

Processor 305 is operatively coupled to a communication interface 315such that server computer device 301 is capable of communicating with aremote device such as user computer device 202 or another servercomputer device 301. For example, communication interface 315 mayreceive requests from user computer device 114 or input device 118 viathe Internet, as illustrated in FIGS. 3 and 4.

Processor 305 may also be operatively coupled to a storage device 134.Storage device 134 is any computer-operated hardware suitable forstoring and/or retrieving data. In some embodiments, storage device 134is integrated in server computer device 301. For example, servercomputer device 301 may include one or more hard disk drives as storagedevice 134. In other embodiments, storage device 134 is external toserver computer device 301 and may be accessed by a plurality of servercomputer devices 301. For example, storage device 134 may includemultiple storage units such as hard disks or solid state disks in aredundant array of inexpensive disks (RAID) configuration. Storagedevice 134 may include a storage area network (SAN) and/or a networkattached storage (NAS) system.

In some embodiments, processor 305 is operatively coupled to storagedevice 134 via a storage interface 320. Storage interface 320 is anycomponent capable of providing processor 305 with access to storagedevice 134. Storage interface 320 may include, for example, an AdvancedTechnology Attachment (ATA) adapter, a Serial ATA (SATA) adapter, aSmall Computer System Interface (SCSI) adapter, a RAID controller, a SANadapter, a network adapter, and/or any component providing processor 305with access to storage device 134.

Memory areas 210 and 310 may include, but are not limited to, randomaccess memory (RAM) such as dynamic RAM (DRAM) or static RAM (SRAM),read-only memory (ROM), erasable programmable read-only memory (EPROM),electrically erasable programmable read-only memory (EEPROM), andnon-volatile RAM (NVRAM). The above memory types are exemplary only, andare thus not limiting as to the types of memory usable for storage of acomputer program.

FIG. 7 is a block diagram of a portion of an exemplary payment cardsystem 500 showing an authentication data flow between a merchant POSdevice 502, a cardholder input device 504, and a payment network 506.FIG. 8 is a block diagram of a portion of an exemplary payment cardsystem 550 showing a first alternative authentication data flow betweenmerchant POS device 502, cardholder input device 504, and paymentnetwork 506. FIG. 9 is a block diagram of an exemplary payment cardsystem 570 showing a second alternative authentication data flow betweenmerchant POS device 502, cardholder input device 504, payment network506, an issuing bank 572, and an acquiring bank 574. Any of the dataflows shown in FIGS. 7-9 may be used for authenticating a cardholder,and generating and sending an authorization request.

In the example embodiment and referring to FIGS. 3 and 7, merchant POSdevice 502 is similar to POS terminal 115, cardholder input device 504is similar to cardholder input device 118, and payment network 506 issimilar to at least one of client system 114 and server system 112.Payment network 506 is associated with any of an issuing bank, amerchant bank, an interchange network or any other third-party serviceprovider.

When processing a payment-by-card transaction, input device 504 isauthenticated 510 by merchant POS device 502. Authentication 510 issubstantially the same process in both FIGS. 7 and 8 and may be used aspart of a payment card system, as described below with reference toFIGS. 10-12.

Authentication process 510 occurs by cardholder input device 504transmitting 512 account data to merchant POS device 502. In the exampleembodiment, input device 504 is associated with or controlled by acardholder making a purchase using a payment card. The payment card isassociated with an account. Input device 504 is interconnected to theInternet through many interfaces including a network, such as a localarea network (LAN) or a wide area network (WAN), dial-in-connections,cable modems, wireless modems, and special high-speed ISDN lines. Inputdevice 504 could be any device capable of interconnecting to theInternet including a web-based phone, personal digital assistant (PDA),or other web-based connectable equipment. Input device 504 is alsoconfigured to communicate with POS device 502 using various outputsincluding, for example, Bluetooth communication, radio frequencycommunication, near field communication, network-based communication,and the like. Input device 504 also includes account data stored withinmemory associated with input device 504. The account data includes atleast one of a cardholder name, a cardholder address, an account numberor other account identifier, an expiration date, and/or a securitytoken, such as a cryptographic key. Input device 504 is configured tocommunicate or transmit at least a portion of the account data to POSdevice 502 for authentication purposes.

POS device 502 receives the account data from input device 504 andvalidates the account data. For example, POS device 502 may determinewhether the account number conforms to a predefined account numberingscheme and/or whether the expiration date has passed. If POS device 502successfully validates the account data, POS device 502 may thentransmit 514 a confirming authorization message back to input device 504confirming that POS device 502 recognizes input device 504 as anauthentic and genuine payment card.

Cardholder input device 504 receives the confirming authorizationmessage from POS device 502. Based at least in part on the receivedauthorization message, input device 504 determines that POS device 502is an authentic and genuine POS device registered with the appropriatepayment card system. This completes authentication process 510.

In some embodiments, POS device 502 and input device 504 authenticateeach other, such as by exchanging and validating cryptographic keys. Forexample, input device 504 may include a cryptographic key associatedwith input device 504 when transmitting 512 account data. POS device 502may validate the key and include a cryptographic key associated with POSdevice 502 when transmitting 514 the authorization message.

In some embodiments, POS device 502 communicates with payment network506 via input device 504, as described in FIG. 7. In such embodiments,input device 504 may be understood to act as a proxy or a gatewaybetween POS device 502 and payment network 506. In other embodiments,input device 504 collects information from POS device 502 and isresponsible for initiating communication with payment network 506, asdescribed in FIG. 8.

Referring to FIG. 7, after authentication 510 is completed, POS device502 “pairs” with input device 504, using the various outputs of inputdevice 504, to initiate a communication link via the networkcapabilities of input device 504 with payment network 506. POS device502 is then able to transmit 520 an authorization request message topayment network 506 using the network capabilities of input device 504.Payment network 506 processes the authorization request message andtransmits 530 an authorization response message to POS device 502 usingthe same communication link, namely the network capabilities of inputdevice 504. Since POS device 502 and input device 504 are paired incommunication, input device 504 communicates 540 the authorizationresponse message to POS device 502 with both such devices optionallybeing able to display at least a portion of the authorization responsemessage. For example, POS device 502 and/or input device 504 may displayan indication of whether the financial transaction related to theauthorization response message is approved or declined. In oneembodiment, a financial transaction is approved when data related to thetransaction (e.g., transaction data, account data, and/or merchant data)is successfully validated and is declined when such data isunsuccessfully validated.

Referring to FIG. 8, after authentication 510 is completed, input device504 is presented in proximity to POS device 502 such that an exchange oftransaction data can occur between the two devices. Specifically, POSdevice 502 transmits 552 transaction data including at least a merchantidentifier, and a transaction amount to input device 504. Input device504 captures the transaction data and, using computer-readableinstructions stored on input device 504, creates and transmits 554 anauthorization request message to payment network 506. Payment network506 processes the authorization request message and transmits 556 anauthorization response message to input device 504 using the networkcapabilities of input device 504. After receiving the authorizationresponse message, input device 504 can again be presented in proximityto POS device 502 such that the authorization response message can betransmitted 558 to POS device 502.

Referring to FIG. 9, in some embodiments, POS device 502 transmits 552transaction information to input device 504, as described above withreference to FIG. 8. The transaction information includes merchant datacorresponding to the merchant associated with POS device 502. Forexample, the merchant data may include a merchant identifier, a merchantname, a merchant address, and/or a cryptographic key associated with themerchant.

Input device 504 transmits 554 an authorization request message topayment network 506. The authorization request message includes at leasta portion of the transaction data (e.g., including the merchant data,such as the cryptographic key associated with the merchant) and accountdata associated with input device 504. For example, the account data mayinclude a cryptographic key associated with input device 504.

Payment network 506 receives the authorization request message and“splits” the authorization request message. More specifically, paymentnetwork 506 transmits 582 the authorization request message, or amerchant authentication request message that includes a portion of theauthorization request message (e.g., the merchant data), to an acquiringbank 572 associated with the merchant. Payment network 506 alsotransmits 584 the authorization request message to an issuing bank 574associated with the cardholder.

Acquiring bank 572 authenticates POS device 502 by validating themerchant data from the authorization request message or merchantauthentication request message, and transmits 586 an authorizationresponse message or a merchant authentication response message topayment network 506 indicating whether the validation was successful.For example, a positive response message may indicate a successfulvalidation, and a declined response message may indicate an unsuccessfulvalidation.

Issuing bank 574 authenticates input device 504 by validating theaccount data from the authorization request message. Issuing bank 574also validates the payment-by-card transaction associated with theauthorization request message. For example, issuing bank 574 maydetermine whether the cardholder has sufficient funds for thetransaction. If the account data is successfully validated, and thecardholder has sufficient funds, issuing bank 574 transmits 588 anapproved authorization response message. Otherwise, issuing bank 574transmits 588 a declined authorization response message.

Payment network 506 receives the response messages from acquiring bank572 and issuing bank 574. When both acquiring bank 572 and issuing bank574 indicate a successful validation, payment network 506 transmits 590an approved authorization response message to input device 504. Ifeither or both of acquiring bank 572 and issuing bank 574 indicate anunsuccessful validation, payment network 506 transmits 590 a declinedauthorization response message to input device 504. Input device 504receives the authorization response message from payment network 506 andtransmits 592 the authorization response message to POS device 502. Suchan embodiment facilitates authenticating POS device 502 and input device504 even when the security of one or both of POS device 502 and inputdevice 504 is compromised.

FIG. 10 is a more detailed block diagram of an exemplary payment cardsystem 600 showing a payment data flow between a merchant POS device602, a cardholder input device 604, an issuing bank computer system 606,a payment network 608, and a merchant bank account 610.

In the example embodiment and referring to FIGS. 3 and 10, merchant POSdevice 602 is similar to POS terminal 115, cardholder input device 604is similar to cardholder input device 118, issuing bank computer system606 and merchant bank account 610 are similar to client systems 114, andpayment network 608 is similar to server system 112 or any othercommunication network for processing payments by transaction cards.

When processing a payment-by-card transaction using system 600, merchantPOS device 602 and cardholder input device 604 initiate authenticationprocess 510 as described in FIGS. 7 and 8. After authentication process510 is performed, an authorization request message is created asdescribed in FIGS. 7 and 8. Cardholder input device 604 transmits 620the authorization request message, via the network capabilities of inputdevice 604, directly to issuing bank computer system 606. Issuing bankcomputer system 606 validates the transaction, such as by determining bysearching its database whether the cardholder has adequate funds tocover the transaction amount. Issuing bank computer system 606 thentransmits 630 an authorization response message, via the networkcapabilities of input device 604, back to input device 604.

Cardholder input device 604 transmits 640 the authorization responsemessage to merchant POS device 602. As explained above in FIG. 7, in oneembodiment, POS device 602 is “paired” in communication with inputdevice 604, using the various outputs of input device 604. This pairingallows cardholder input device 604 to transmit 640 the authorizationresponse message to POS device 602 with both such devices being able todisplay the authorization response message. Alternatively, and asexplained above in FIG. 8, in another embodiment, input device 604 ispresented in proximity to POS device 602 such that an exchange of datacan occur between the two devices. Specifically, cardholder input device604 transmits 640 the authorization response message to POS device 602with both such devices being able to display the authorization responsemessage.

Settlement of the transaction amount must then occur within paymentsystem 600. In the example embodiment, settlement occurs by issuing bankcomputer system 606 transmitting 650 settlement account data to paymentnetwork 608. In one embodiment, the settlement account data includes asettlement identifier for identifying the proper bank account of themerchant that the transaction funds are to be transferred to. Thesettlement identifier may be provided to issuing bank computer system606 as part of the original authorization request message transmitted bycardholder input device 604 to issuing bank computer system 606.

In another embodiment, the settlement account data includes a merchantidentifier, which it received as part of the original authorizationrequest message transmitted by cardholder input device 604, to paymentnetwork 608. Payment network 608 includes a merchant database thatstores information on each merchant including instructions for settlingthe transaction and a settlement identifier for the correspondingmerchant. According, payment network 608 receives the merchantidentifier from the issuing bank computer system 606, and performs alook up within the merchant database to find a settlement identifiercorresponding to the merchant identifier.

Once payment network 608 has the settlement identifier for thetransaction, network 608 is able to transmit 660 the settlement data,representing the settlement funds, to the appropriate merchant account610 with the help of the acquiring bank. The appropriate merchantaccount is designated by the settlement identifier. The cardholder iseventually billed by the issuing bank for the transaction amount. Thiscompletes payment process 600 of a payment-by-card transaction.

FIG. 11 is a more detailed block diagram of an exemplary payment cardsystem 700 showing a first alternative payment data flow between amerchant POS device 702, a cardholder input device 704, an issuing bankcomputer system 706, a payment network 708, an acquiring bank computersystem 710, and a merchant bank account 712.

In the example embodiment and referring to FIGS. 3 and 11, merchant POSdevice 702 is similar to POS terminal 115; cardholder input device 704is similar to cardholder input device 118; issuing bank computer system706, acquiring bank computer system 708 and merchant bank account 712are similar to client systems 114; and payment network 708 is similar toserver system 112 or any other communication network for processingpayments by transaction cards such as an interchange network.

When processing a payment-by-card transaction using system 700, merchantPOS device 702 and cardholder input device 704 initiate authenticationprocess 510 as described in FIGS. 7 and 8. After authentication process510 is performed, an authorization request message is created asdescribed in FIGS. 7 and 8. Cardholder input device 704 transmits 720the authorization request message, via the network capabilities of inputdevice 704, to payment network 708. Payment network 708 processes thereceived authorization request message, and transmits 725 theauthorization request message to issuing bank computer system 706.Issuing bank computer system 706 determines by searching its databasewhether the cardholder has adequate funds to cover the transactionamount. Issuing bank computer system 706 then transmits 730 anauthorization response message back to payment network 708. Paymentnetwork 708 forwards 735 the authorization response message, via thenetwork capabilities of input device 704, back to cardholder inputdevice 704.

Cardholder input device 704 transmits 740 the authorization responsemessage to merchant POS device 702. As explained above in FIG. 7, in oneembodiment, POS device 702 is “paired” in communication with inputdevice 704, using the various outputs of input device 704. This pairingallows cardholder input device 704 to transmit 740 the authorizationresponse message to POS device 702 with both such devices being able todisplay the authorization response message. Alternatively, and asexplained above in FIG. 8, in another embodiment, input device 704 ispresented in proximity to POS device 702 such that an exchange of datacan occur between the two devices. Specifically, cardholder input device704 transmits 740 the authorization response message to POS device 702with both such devices being able to display the authorization responsemessage.

Settlement of the transaction amount must then occur within paymentsystem 700. In the example embodiment, settlement occurs by paymentnetwork 708 transmitting 745 settlement account data to acquiring bankcomputer system 710. In the example embodiment, the settlement accountdata includes a merchant identifier, which payment network 708 receivedas part of the original authorization request message transmitted bycardholder input device 704. Thus, after payment network 708 receives anapproved authorization response message from issuing bank computersystem 706 for the transaction, payment network 708 is able to providesettlement account data to acquiring bank computer system 710. Acquiringbank computer system 710 uses the settlement account data including themerchant identifier to determine the appropriate merchant bank accountto deposit the transaction funds in.

Once acquiring bank computer system 710 has the merchant identifier forthe transaction, acquiring bank computer system 710 is able to transmit750 settlement data, representing the settlement funds, to theappropriate merchant account 712. The appropriate merchant account isdesignated by the merchant identifier and the merchant account datastored at the acquiring bank. The cardholder is eventually billed by theissuing bank for the transaction amount. This completes payment process700 of a payment-by-card transaction.

FIG. 12 is a more detailed block diagram of an exemplary payment cardsystem 800 showing a second alternative payment data flow between amerchant POS device 802, a cardholder input device 804, an issuing bankcomputer system 806, a payment network 808, an acquiring bank computersystem 810, and a merchant bank account 812.

In the example embodiment and referring to FIGS. 3 and 12, merchant POSdevice 802 is similar to POS terminal 115; cardholder input device 804is similar to cardholder input device 118; issuing bank computer system806, acquiring bank computer system 808 and merchant bank account 812are similar to client systems 114; and payment network 808 is similar toserver system 112 or any other communication network for processingpayments by transaction cards such as an interchange network.

When processing a payment-by-card transaction using system 800, merchantPOS device 802 and cardholder input device 804 initiate authenticationprocess 510 as described in FIGS. 7 and 8. After authentication process510 is performed, an authorization request message is created asdescribed in FIGS. 7 and 8. Cardholder input device 804 transmits 820the authorization request message, via the network capabilities of inputdevice 804, to acquiring bank computer system 810. In the exampleembodiment, input device 804 receives an identifier from merchant POSdevice 802 that identifies the merchant's acquiring bank so that inputdevice 804 is able to transmit 820 the authorization request message toacquiring bank computer system 810.

Acquiring bank computer system 810 then forwards 825 the receivedauthorization request message to payment network 808. Payment network808 processes the received authorization request message, and transmits830 the authorization request message to issuing bank computer system806. Issuing bank computer system 806 determines by searching itsdatabase whether the cardholder has adequate funds to cover thetransaction amount. Issuing bank computer system 806 then transmits 835an authorization response message back to payment network 808. Paymentnetwork 808 forwards 840 the authorization response message to acquiringbank computer system 810. Acquiring bank computer system 810 thentransmits 845, via the network capabilities of input device 804, theauthorization response message to cardholder input device 804.

Cardholder input device 804 transmits 850 the authorization responsemessage to merchant POS device 802. As explained above in FIG. 7, in oneembodiment, POS device 802 is “paired” in communication with inputdevice 804, using the various outputs of input device 804. This pairingallows cardholder input device 804 to transmit 850 the authorizationresponse message to POS device 802 with both such devices being able todisplay the authorization response message. Alternatively, and asexplained above in FIG. 8, in another embodiment, input device 804 ispresented in proximity to POS device 802 such that an exchange of datacan occur between the two devices. Specifically, cardholder input device804 transmits 850 the authorization response message to POS device 802with both such devices being able to display the authorization responsemessage.

Settlement of the transaction amount must then occur within paymentsystem 800. In the example embodiment, settlement occurs after paymentnetwork 808 provides acquiring bank computer system 810 with theauthorization response message. In the example embodiment, after paymentnetwork 808 receives an approved authorization response message fromissuing bank computer system 806 for the transaction, payment network808 is able to provide settlement data to acquiring bank computer system810. Acquiring bank computer system 810 uses the settlement dataincluding the merchant identifier to determine the appropriate merchantbank account to deposit the transaction funds in.

Once acquiring bank computer system 810 has the merchant identifier forthe transaction, acquiring bank computer system 810 is able to transmit855 settlement data, representing the settlement funds, to theappropriate merchant account 812. The appropriate merchant account isdesignated by the merchant identifier and the merchant account datastored at the acquiring bank. The cardholder is eventually billed by theissuing bank for the transaction amount. This completes payment process800 of a payment-by-card transaction.

Based on the foregoing specification, the above-discussed embodiments ofthe invention may be implemented using computer programming orengineering techniques including computer software, firmware, hardwareor any combination or subset thereof. Any such resulting program, havingcomputer-readable and/or computer-executable instructions, may beembodied or provided within one or more computer-readable media, therebymaking a computer program product, i.e., an article of manufacture,according to the discussed embodiments of the invention. The computerreadable media may be, for instance, a fixed (hard) drive, diskette,optical disk, magnetic tape, semiconductor memory such as read-onlymemory (ROM) or flash memory, etc., or any transmitting/receiving mediumsuch as the Internet or other communication network or link. The articleof manufacture containing the computer code may be made and/or used byexecuting the instructions directly from one medium, by copying the codefrom one medium to another medium, or by transmitting the code over anetwork.

While the disclosure has been described in terms of various specificembodiments, it will be recognized that the disclosure can be practicedwith modification within the spirit and scope of the claims.

1.-25. (canceled)
 26. A computer-implemented method comprising:receiving an authorization request message for a payment transactioninitiated by a cardholder with a merchant, the authorization requestmessage transmitted by a cardholder input device to a payment networkcomputing device without a merchant point-of-sale (POS) devicecommunicating with the payment network computing device, wherein thecardholder input device electronically pairs with the merchant POSdevice to receive transaction data associated with the paymenttransaction and merchant data associated with the merchant, wherein theauthorization request message includes: payment account data associatedwith a payment account of the cardholder used to initiate the paymenttransaction, and the received transaction data and merchant data;transmitting the authorization request message from the payment networkcomputing device to an issuer bank computing device associated with thepayment account; generating, by the payment network computing device, amerchant authentication request message by filtering out a portion ofthe authorization request message that includes the merchant data;transmitting the merchant authentication request message from thepayment network computing device to an acquiring bank computing deviceassociated with the merchant; upon receiving a positive validation ofeach of the authorization request message from the issuer bank computingdevice and the merchant authentication request message from theacquiring bank computing device, generating an approved authorizationresponse message by the payment network computing device; andtransmitting the approved authorization response message from thepayment network computing device to the cardholder input device in lieuof transmission of the approved authorization response message to themerchant POS device.
 27. A computer-based method according to claim 26,wherein receiving an authorization message further comprises receiving,by the payment computing device, the authorization message from thecardholder input device after the cardholder input device electronicallypairs with the merchant POS device, wherein the electronic pairingincludes: transmitting payment account data to the merchant POS device,wherein the payment account data is associated with a payment cardissued to the cardholder, and wherein the payment account data includesa cardholder input device cryptographic key; recognizing a merchant POSdevice cryptographic key embedded within merchant data received from themerchant POS device; and authenticating the merchant POS device byvalidating the merchant POS device cryptographic key.
 28. Acomputer-based method according to claim 26, further comprising:generating, by the payment network computing device, a declinedauthorization response message after receiving a negative validation ofat least one of the authorization request message and the merchantauthentication request message.
 29. A computer-based method according toclaim 26, wherein receiving an authorization request message furthercomprises receiving, by the payment network computing device, theauthorization request message generated by the cardholder input devicebased at least in part on the transaction data received from themerchant POS device.
 30. A computer-based method according to claim 26,wherein a payment account number associated with the payment accountdata is not provided to the POS device during the processing of thefinancial transaction.
 31. A computer-based method according to claim26, wherein transmitting the approved authorization response messagefurther comprises prompting, by the payment network computing device,the cardholder input device to forward the approved authorizationresponse message to the merchant POS device for completing thetransaction.
 32. A cardholder input device comprising: a memory deviceconfigured to store account data associated with a payment account of acardholder; a communication interface configured to communicate with amerchant point of sale (POS) device, and a payment network computingdevice; and a processor coupled to said memory device and saidcommunication interface, said processor programmed to: receive, from themerchant POS device, transaction data associated with a paymenttransaction, and merchant data associated with the merchant; generate anauthorization request message for the payment transaction, wherein theauthorization request message includes the account data, the receivedtransaction, data and the merchant data. transmit the authorizationrequest message to the payment network computing device via saidcommunication interface; and wherein the payment network computingdevice is configured to: generate a merchant authentication requestmessage from the authorization request message by filtering out themerchant data, and transmit the merchant authentication request messageto an acquiring bank computing device associated with the merchant forvalidation, and wherein the payment network computing device is furtherconfigured to transmit the authorization request message to an issuerbank computing device having an account associated with the cardholderfor validation; and receive an authorization response message from thepayment network computing device upon validation of each of theauthorization request message by the issuer bank computing device andvalidation of the merchant authentication request message by theacquiring bank computing device.
 33. A cardholder input device accordingto claim 32, wherein the processor is further programmed to: transmitpayment account data to the merchant POS device, wherein the paymentaccount data is associated with a payment card issued to the cardholder,and wherein the payment account data includes a cardholder input devicecryptographic key; recognize a merchant POS device cryptographic keyembedded within merchant data received from the merchant POS device; andauthenticate the merchant POS device by validating the merchant POSdevice cryptographic key.
 34. A cardholder input device according toclaim 32, wherein the processor is further programmed to: transmit theauthorization response message to the merchant POS device.
 35. Acardholder input device according to claim 34, wherein the authorizationresponse message includes a decline authorization response message whenat least one of the transaction data and the merchant data is notsuccessfully validated.
 36. A payment network computing devicecomprising: a memory device for storing a plurality of data includingpayment account data, transaction data, and merchant data; and aprocessor configured to communicate with said memory device, saidprocessor programmed to: receive an authorization request message for apayment transaction initiated by a cardholder with a merchant, theauthorization request message transmitted from a cardholder input deviceto the payment network computing device without a merchant point-of-sale(POS) device communicating with the payment network computing device,wherein the cardholder input device electronically pairs with themerchant POS device to receive transaction data associated with thepayment transaction and merchant data associated with the merchant,wherein the authorization request message includes: payment account dataassociated with a payment account of the cardholder used to initiatedthe payment transaction, and the received transaction data and merchantdata; transmit the authorization request message to an issuer bankcomputing device associated with the payment account; generate amerchant authentication request message, by filtering out a portion ofthe authorization request message that includes the merchant data;transmit the merchant authentication request message to an acquiringbank computing device associated with the merchant; upon receiving apositive validation of each of the authorization request message by theissuer bank computing device and the merchant authentication requestmessage by the acquiring bank computing device, generating an approvedauthorization response message by the payment network computing device;and transmit the first approved authorization response message from thepayment network computing device to the cardholder input device in lieuof transmission of the first approved authorization response message tothe merchant POS device.
 37. A payment network computing deviceaccording to claim 36, wherein the processor is programmed to receive anauthorization request after the cardholder input device electronicallypairs with the merchant POS device, wherein the electronic pairingincludes: transmitting payment account data to the merchant POS device,wherein the payment account data is associated with a payment cardissued to the cardholder, and wherein the payment account data includesa cardholder input device cryptographic key; recognizing a merchant POSdevice cryptographic key embedded within merchant data received from themerchant POS device; and authenticating the merchant POS device byvalidating the merchant POS device cryptographic key.
 38. A paymentnetwork computing device according to claim 36, wherein the paymentnetwork computing device is further configured to: generate a declinedauthorization response message after receiving a negative validation ofat least one of the authorization request message and the merchantauthentication request message.
 39. A payment network computing deviceaccording to claim 36, wherein receiving an authorization requestmessage further comprises receiving, by the payment network computingdevice, the authorization request message generated by the cardholderinput device based at least in part on the transaction data receivedfrom the merchant POS device.
 40. A payment network computing deviceaccording to claim 36, wherein a payment account number associated withthe payment account data is not provided to the POS device during theprocessing of the financial transaction.
 41. A payment network computingdevice according to claim 36, wherein transmitting the approvedauthorization response message further comprises prompting, by thepayment network computing device, the cardholder input device to forwardthe approved authorization response message to the merchant POS devicefor completing the transaction.
 42. One or more non-transitorycomputer-readable media having computer-executable instructions embodiedthereon, wherein when executed by a payment network computing device,the computer-executable instructions cause the payment network computingdevice to: receive an authorization request message for a paymenttransaction initiated by a cardholder with a merchant, the authorizationrequest message transmitted from a cardholder input device to thepayment network computing device without a merchant point-of-sale (POS)device communicating with the payment network computing device, whereinthe cardholder input device electronically pairs with the merchant POSdevice to receive transaction data associated with the paymenttransaction and merchant data associated with the merchant, wherein theauthorization request message includes: payment account data associatedwith a payment account of the cardholder used to initiated the paymenttransaction, and the received transaction data and merchant data;transmit the authorization request message to an issuer bank computingdevice associated with the payment account; generate a merchantauthentication request message, by filtering out a portion of theauthorization request message that includes the merchant data; transmitthe merchant authentication request message to an acquiring bankcomputing device associated with the merchant; upon receiving a positivevalidation of each of the authorization request message by the issuerbank computing device and the merchant authentication request message bythe acquiring bank computing device, generating an approvedauthorization response message by the payment network computing device;and transmit the first approved authorization response message from thepayment network computing device to the cardholder input device in lieuof transmission of the first approved authorization response message tothe merchant POS device.
 43. One or more non-transitorycomputer-readable media according to claim 42, wherein when executed bypayment network computing device, the computer-executable instructionsfurther cause the payment network computing device to receive anauthorization request after the cardholder input device electronicallypairs with the merchant POS device, wherein the electronic pairingincludes: wherein when executed by payment network computing device, thecomputer-executable instructions further cause the payment networkcomputing device to: transmit payment account data to the merchant POSdevice, wherein the payment account data is associated with a paymentcard issued to the cardholder, and wherein the payment account dataincludes a cardholder input device cryptographic key; recognize amerchant POS device cryptographic key embedded within merchant datareceived from the merchant POS device; and authenticate the merchant POSdevice by validating the merchant POS device cryptographic key.
 44. Oneor more non-transitory computer-readable media according to claim 42,wherein when executed by payment network computing device, thecomputer-executable instructions further cause the payment networkcomputing device to: generate a declined authorization response messageafter receiving a negative validation of at least one of theauthorization request message and the merchant authentication requestmessage.
 45. One or more non-transitory computer-readable mediaaccording to claim 42, wherein when executed by payment networkcomputing device, the computer-executable instructions further cause thepayment network computing device to: receive the authorization requestmessage generated by the cardholder input device based at least in parton the transaction data received from the merchant POS device.
 46. Oneor more non-transitory computer-readable media according to claim 42,wherein a payment account number associated with the payment accountdata is not provided to the POS device during the processing of thefinancial transaction.
 47. One or more non-transitory computer-readablemedia according to claim 42, wherein transmitting the approvedauthorization response message further comprises prompting, by thepayment network computing device, the cardholder input device to forwardthe approved authorization response message to the merchant POS devicefor completing the transaction.